$this->field->
setSetting('file_extensions', 'php'
)->
save();
$this->
refreshTestStateAfterRestConfigChange();
$response =
$this->
fileRequest($uri,
$php_string,
['Content-Disposition' => 'filename="example_7.php"'
]);
$this->
assertResourceErrorResponse(422, "Unprocessable Entity: file validation failed.\nFor security reasons, your upload has been rejected.",
$response);
// Make sure that no file was saved.
$this->
assertFileDoesNotExist('public://foobar/example_7.php'
);
$this->
assertFileDoesNotExist('public://foobar/example_7.php.txt'
);
// Now allow insecure uploads.
\Drupal::
configFactory() ->
getEditable('system.file'
) ->
set('allow_insecure_uploads', TRUE
) ->
save();
// Allow all file uploads. This is very insecure.
$this->field->
setSetting('file_extensions', ''
)->
save();
$this->
refreshTestStateAfterRestConfigChange();
$response =
$this->
fileRequest($uri,
$php_string,
['Content-Disposition' => 'filename="example_7.php"'
]);
$expected =
$this->
getExpectedNormalizedEntity(7, 'example_7.php', TRUE
);
// Override the expected filesize.
$expected['filesize'
][0
]['value'
] =
strlen($php_string);